Re: Identified does not match issue - Kerberos

This is a discussion on Re: Identified does not match issue - Kerberos ; > > C:\Program Files\Java\jdk1.5.0_16\bin>kinit -k -tc:\JBOSS.host.keytab > > JBOSS > > Exception: krb_error 24 Pre-authentication information was invalid This could be because the password/keytab or the principal name you provided you have provided may not be incorrect . Also you ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: Identified does not match issue

  1. Re: Identified does not match issue

    >
    > C:\Program Files\Java\jdk1.5.0_16\bin>kinit -k -tc:\JBOSS.host.keytab
    >
    > JBOSS
    >
    > Exception: krb_error 24 Pre-authentication information was invalid


    This could be because the password/keytab or the principal name you
    provided you have provided may not be incorrect .

    Also you could check if there is any large clock skew time difference on
    your AD box and the client.

  2. Re: Identified does not match issue

    I have checked and double checked the issue with password and
    everything looks right. The time is also synchronized.

    Here is some more information that I found last night

    If I run "kinit JBOSS <>" - it works fine and it gets the
    Ticket without any errors

    But when I use the keytab that I generate using ktab utility "ktab -k -
    t FILE:c:\myfile.keytab -a JBOSS <>" and then pass on this
    file to kinit utility using
    "kinit -k -t FILE:c:\myfile.ketyab JBOSS" I get the preauthenticatin
    error. Seems like the Ktab is generating a keytab file that is meshing
    up the password.

    Given that the first command succeeds tells me that the use is setup
    correctly on the AD side. (I further verified that by passing in a
    wrong password in "kinit JBOSS <>" and as expected it
    fails telling me that it does verifies the password as it is expected)

    Any help would be highly appreciated

    vs

    On Nov 4, 5:20*am, anil.shashikumar.be...@gmail.com wrote:
    > > C:\Program Files\Java\jdk1.5.0_16\bin>kinit -k -tc:\JBOSS.host.keytab

    >
    > > JBOSS

    >
    > > Exception: krb_error 24 Pre-authentication information was invalid

    >
    > This could be because the password/keytab or the principal name you *
    > provided you have provided may not be incorrect .
    >
    > Also you could check if there is any large clock skew time difference on *
    > your AD box and the client.



+ Reply to Thread